【lulzsecurity】黑客集团连黑索尼
【中文标题】黑客集团连黑索尼【原文标题】LulzSec
【登载媒体】lulzsecurity
【译者】无聊人的意志
【翻译方式】人工
【原文作者】http://lulzsecurity.com
【原文链接】http://bbs.m4.cn/thread-3103632-1-1.html
【声明】本翻译供Anti-CNN使用,未经AC或译者许可,不得转载。
【译文】
. /$$ /$$ /$$$$$$
.| $$ | $$ /$$__$$
.| $$ /$$ /$$| $$ /$$$$$$$$| $$\__//$$$$$$ /$$$$$$$
.| $$ | $$| $$| $$|____ /$$/|$$$$$$/$$__$$ /$$_____/
.| $$ | $$| $$| $$ /$$$$/\____$$| $$$$$$$$| $$
.| $$ | $$| $$| $$/$$__/ /$$\ $$| $$_____/| $$
.| $$$$$$$$|$$$$$$/| $$ /$$$$$$$$|$$$$$$/|$$$$$$$|$$$$$$.$
.|________/ \______/ |__/|________/ \______/\_______/ \_______/
//Laughing at your security since 2011!
.-- .-""-.
. ) ( )
.( ) (
. / )
. (_ _) 0_,-.__
. (_)_ |_.-._/
. ( ) |lulz..\
. (__) |__--_/
. |'' ``\ |
. | \ | /b/
. | \,,,---===?A`\|,==y'
. ___,,,,,---==""\ |M] \ | ;|\ |>
. _ _ \ ___,|H,,---==""""bno,
. oO(_) (_) \ / _ AWAW/
. / _(+)_dMM/
. \@_,,,,,,---==" \ \\|//MW/
.--''''" ===d/
. // SET SAIL FOR FAIL!
. ,'_________________________
. \ \ \ \ ,/~~~~~~~~~~~~~~~~~~~~~~~~~~~
. _____ ,'~~~ .-""-.~~~~~~.-""-.
. .-""-. ///==--- /`-._ ..-' -.__..-'
. `-.__..-' =====\\\\\\ V/.---\.
. ~~~~~~~~~~~~, _',--/_.\.-""-.
. .-""-.___` --\| -.__..-
同志们好!我们是Lulzsec,欢迎来到索尼征服计划。PS:所有我们从索尼公司内部网络窃取的资料都是我们在没有外界援助的情况下独立获得的。 我们最近采取了针对哥伦比亚电影公司的入侵,波及了一百余万用户的个人信息,包裹密码,电邮地址,家庭住址,生日和公司的行政文件,密码,七万五千个音乐密码,三百五十万张音乐礼券。 但是由于我们的硬件资源有限(我们需要补充资金)我们无法将全部信息复制下来。但是我们保留了一些样本,以证明我们行动的真实性。理论上我们可以带走所有的信息,但是那就得花上几个礼拜。 我们的目标不是给人以顶级黑客的印象。以下内容才是我们想要表达的:“哥伦比亚电影公司在一个可以被简单资料隐码入侵的系统。众所周知,这是一些最简单和原始的漏洞之一。通过单个攻击,我们就可以获取任东西。为什么索尼会让他们的网络留下那么严重的漏洞以至于使之暴露下简单的网络攻击之下呢? 更糟糕的是,我们发现的所有文件都是未经加密。这就意味着该公司是以明文的形式存储了超过一百万用户的信息和密码。这样能找到这些文件,那么它们就几乎是公开的。这样既荒唐又危险。 这些对于索尼来说还真是一个窘境。我们在文本中提供了SQLI Link 的相关细节,我们欢迎任何有胆量的人去亲自一探究竟。如果可以,你甚至可以把那三百五十万音乐礼券作为战利品。
我们获得的信息包括一个索尼博德曼位于比利时和荷兰的数据库。这里面同样包括用户资料和员工信息。 请访问我们的推塔获得更多相关信息,再见 ^_^
原文:Greetings folks. We're LulzSec, and welcome to Sownage. Enclosed you will
find various collections of data stolen from internal Sony networks and websites,
all of which we accessed easily and without the need for outside support or money.
We recently broke into SonyPictures.com and compromised over 1,000,000 users'
personal information, including passwords, email addresses, home addresses,
dates of birth, and all Sony opt-in data associated with their accounts.
Among other things, we also compromised all admin details of Sony Pictures
(including passwords) along with 75,000 "music codes" and 3.5 million "music coupons".
Due to a lack of resource on our part (The Lulz Boat needs additional funding!)
we were unable to fully copy all of this information, however we have samples
for you in our files to prove its authenticity. In theory we could have taken
every last bit of information, but it would have taken several more weeks.
Our goal here is not to come across as master hackers, hence what we're about
to reveal: SonyPictures.com was owned by a very simple SQL injection, one of
the most primitive and common vulnerabilities, as we should all know by now.
From a single injection, we accessed EVERYTHING. Why do you put such faith in
a company that allows itself to become open to these simple attacks?
What's worse is that every bit of data we took wasn't encrypted. Sony stored
over 1,000,000 passwords of its customers in plaintext, which means it's just
a matter of taking it. This is disgraceful and insecure: they were asking for it.
This is an embarrassment to Sony; the SQLi link is provided in our file contents,
and we invite anyone with the balls to check for themselves that what we say
is true. You may even want to plunder those 3.5 million coupons while you can.
Included in our collection are databases from Sony BMG Belgium & Netherlands.
These also contain varied assortments of Sony user and staffer information.
Follow our sexy asses on twitter to hear about our upcoming website. Ciao! ^_^
o3O119),原始漏洞,未加密文件…… 日本不听话之后的结果,先是丰田,这把又是索尼 索尼是否也可用武力报复? 只有经过没有起因和结尾啊?
看不懂啊 Q69)... o3O119) 游戏厂商和黑客利益分配不均而已,常事了,微软的XBOX LIVE从没出现过这么大的伟绩,PSN被攻陷月余,丢了很多客户。
页:
[1]